SKILL BENCHMARK
Security Analyst to Security Architect Proficiency (Advanced Level)
- 23m
- 23 questions
Security Analyst to Security Architect Proficiency benchmark measures whether a learner has extensive exposure and practice with security analyst principles. A learner who scores high on this benchmark demonstrates that they have an advanced understanding of all of the areas of security analytics, can participate in IT security discussions, and can work independently with little to no oversight.
Topics covered
- describe authentication, authorization, and encryption factors and how they fit together
- describe authentication threats and non-repudiation
- describe authenticity and identity spoofing threats
- describe how to validate integrity and tampering threats
- describe information threats such as privacy breaches or data leaks
- describe methods of authentication and their best practices
- describe methods of authorization and access control
- describe methods of brute force attacks and key sizes
- describe methods of keeping login and authentication credentials secure
- describe system authentication and authorization through user account administration in Linux
- describe the approaches to network security through traffic analysis
- describe the categories of vulnerabilities using the STRIDE model
- describe the concepts of signal and noise when it comes to network traffic analysis
- describe the network forensic approach to computer networks
- describe the placement and use of sniffing and IDS sensors
- describe the privilege escalation threat model
- describe the threat of denial of service attacks
- describe the tools and techniques used by intrusion detection systems
- describe the types of application controls that can be used for traffic analysis
- describe the use of encryption methods and best practices in implementing encryption
- differentiate between public and private keys and their ciphers
- handle security policy trade-offs in situations where solutions might not align with policy
- recognize examples of security misconfiguration threats